Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2017-1348

    IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure... Read more

    Affected Products : sterling_b2b_integrator
    • EPSS Score: %0.27
    • Published: Jun. 23, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2016-0355

    IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894.... Read more

    Affected Products : sametime
    • EPSS Score: %0.26
    • Published: Aug. 29, 2017
    • Modified: Apr. 20, 2025

  • 4.3

    MEDIUM
    CVE-2016-0238

    IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409... Read more

    Affected Products : security_guardium
    • EPSS Score: %0.22
    • Published: Jul. 05, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-13160

    A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-37160362.... Read more

    Affected Products : android
    • EPSS Score: %1.26
    • Published: Dec. 06, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-11645

    NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 do not require authentication for logfile.html, status.html, or system_config.html.... Read more

    Affected Products : 4gt101w_software 4gt101w_bootloader
    • EPSS Score: %0.40
    • Published: Jul. 28, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2271

    Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : attachecase
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12906

    Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php.... Read more

    Affected Products : nexusphp
    • EPSS Score: %0.24
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12861

    The Epson "EasyMP" software is designed to remotely stream a users computer to supporting projectors.These devices are authenticated using a unique 4-digit code, displayed on-screen - ensuring only those who can view it are streaming.All Epson projectors ... Read more

    Affected Products : easymp
    • EPSS Score: %3.72
    • Published: Oct. 10, 2017
    • Modified: Apr. 20, 2025

  • 7.8

    HIGH
    CVE-2017-12823

    Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation.... Read more

    Affected Products : embedded_systems_security
    • EPSS Score: %0.15
    • Published: Dec. 08, 2017
    • Modified: Apr. 20, 2025

  • 6.5

    MEDIUM
    CVE-2017-11136

    An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. It uses RSA to exchange a secret for symmetric encryption of messages. However, the private RSA key is not only stored o... Read more

    Affected Products : heinekingmedia
    • EPSS Score: %0.14
    • Published: Aug. 01, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-10056

    Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Property Management Systems). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with logo... Read more

    Affected Products : hospitality_9700
    • EPSS Score: %0.12
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-10169

    Vulnerability in the Oracle Hospitality 9700 component of Oracle Hospitality Applications (subcomponent: Operation Security). The supported version that is affected is 4.0. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : hospitality_9700
    • EPSS Score: %0.12
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12910

    SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter.... Read more

    Affected Products : nexusphp
    • EPSS Score: %0.49
    • Published: Aug. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.4

    MEDIUM
    CVE-2016-6021

    IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent... Read more

    • EPSS Score: %0.20
    • Published: Aug. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2014-7859

    Stack-based buffer overflow in login_mgr.cgi in D-Link firmware DNR-320L and DNS-320LW before 1.04b08, DNR-322L before 2.10 build 03, DNR-326 before 2.10 build 03, and DNS-327L before 1.04b01 allows remote attackers to execute arbitrary code by crafting m... Read more

    • EPSS Score: %11.42
    • Published: Aug. 25, 2017
    • Modified: Apr. 20, 2025

  • 9.0

    HIGH
    CVE-2014-5302

    Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4 allows remote authenticated users to execute arbitrary code.... Read more

    • EPSS Score: %53.88
    • Published: Aug. 28, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2015-9233

    The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.... Read more

    Affected Products : cp_contact_form_with_paypal
    • EPSS Score: %0.23
    • Published: Sep. 30, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12677

    IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response.... Read more

    Affected Products : identityserver3
    • EPSS Score: %0.23
    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-12648

    XSS exists in Liferay Portal before 7.0 CE GA4 via a bookmark URL.... Read more

    Affected Products : liferay_portal
    • EPSS Score: %0.25
    • Published: Aug. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-12620

    When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.... Read more

    Affected Products : opennlp
    • EPSS Score: %1.02
    • Published: Oct. 03, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 291712 Results